Pull requests: ossf/scorecard

Pull requests list

checks/sast: detect Semgrep, Bandit, and gosec SAST workflows
Labels: size:M
#5103 opened Jun 23, 2026 by DevamShah
2 tasks done

🌱 Bump the gomod group across 2 directories with 18 updates
Labels: dependencies, go, size:XL
#5102 opened Jun 22, 2026 by dependabot Bot

✨ Add support for Winget package manager integration
Labels: size:L
#5101 opened Jun 21, 2026 by andy778
2 tasks done

🌱 Normalize extracted file paths across repository handlers
Labels: size:M
#5099 opened Jun 20, 2026 by Tanishq-mellu

fix: detect committer context in dangerous workflows
Labels: size:XS
#5098 opened Jun 17, 2026 by omobolajiadeyan

✨ Add packaging workflow detection for changesets
Labels: size:S, Stale
#5097 opened Jun 16, 2026 by gr2m
2 tasks done

Fix tag-only release checks
Labels: size:L, Stale
#5095 opened Jun 14, 2026 by din-arr
2 tasks done

🌱 Bump the github-actions group across 1 directory with 8 updates
Labels: dependencies, github_actions, size:XS
#5092 opened Jun 8, 2026 by dependabot Bot

🌱 Bump chainguard/static from 5e9c881 to 77d8b89
Labels: dependencies, docker, size:XS, Stale
#5091 opened Jun 8, 2026 by dependabot Bot

🐛 Normalize path separators for --local mode on Windows
Labels: size:XS, Stale
#5089 opened Jun 6, 2026 by Shtirmann
1 of 2 tasks

Expand Dangerous Workflow untrusted context detection
Labels: size:S, Stale
#5086 opened Jun 2, 2026 by maheshkukreja

🐛 Dangerous-Workflow: detect fork repo metadata and workflow_run branch as untrusted
Labels: size:XS
#5085 opened Jun 2, 2026 by arpitjain099
2 tasks done

🐛 report repository creation from oldest commit
Labels: size:S, Stale
#5082 opened Jun 1, 2026 by janderssonse
2 tasks done

🐛 Detect dependency update configs omitted from archives
Labels: size:L, Stale
#5081 opened May 29, 2026 by msnandhis
2 tasks done

🐛 Avoid OSV scans when no target is available
Labels: size:S, Stale
#5077 opened May 29, 2026 by bmendonca3

🐛 Include workflow path in parse errors
Labels: size:XS, Stale
#5076 opened May 29, 2026 by bmendonca3

✨ Detect Brakeman SAST workflows
Labels: size:S, Stale
#5075 opened May 29, 2026 by bmendonca3

🐛 Use GitLab diff head SHA for CI-Tests statuses
Labels: size:S, Stale
#5074 opened May 29, 2026 by bmendonca3

✨ Factor private vulnerability reporting into Security-Policy
Labels: size:L, Stale
#5073 opened May 29, 2026 by bmendonca3

🌱 Bump github.com/go-git/go-git/v5 from 5.18.0 to 5.19.1 in /tools
Labels: dependencies, go, size:S
#5066 opened May 19, 2026 by dependabot Bot

🌱 Bump the distroless group across 6 directories with 1 update
Labels: dependencies, docker, size:S
#5064 opened May 18, 2026 by dependabot Bot

🌱 Bump github.com/slack-go/slack from 0.17.3 to 0.23.1 in /tools
Labels: dependencies, go, size:XS, Stale
#5062 opened May 14, 2026 by dependabot Bot

🌱 Bump github.com/go-git/go-billy/v5 from 5.8.0 to 5.9.0 in /tools
Labels: dependencies, go, size:XS, Stale
#5060 opened May 14, 2026 by dependabot Bot

🌱 Bump the golang group across 8 directories with 1 update
Labels: dependencies, docker, size:S
#5052 opened May 11, 2026 by dependabot Bot

🐛 Improve error messages for branch-protection and pip-install checks
Labels: size:S, Stale
#5043 opened May 2, 2026 by alliasgher Contributor